Behavioral Adaptive Authentication for Transaction Security

Not all transactions carry the same level of risk, so not all of them require the same level of authentication and security. High-value and high-risk transactions require the most secure authentication process, while low-risk transactions can make do with password-based authentication or even cookie-based identification. Obviously, the line between high-risk and low-risk depends on which business you’re in and may change over time.

Adaptive authentication is the technology used to implement this risk-based approach. Adaptive authentication scores transactions based on business-defined rules (an amount for example) and user history parameters (whether that user has made similar transactions), and also on contextual parameters such as the location or the type of device used. Based on the risk score, different authentication mechanisms are enforced.

Behavioral (continuous) authentication is another technology. It compares how any given user interacts with your application (keyboard strokes, mouse movements, touchscreen swipes, angle of the phone…) with a personalized model that has been created for that user. This provides a probability or score that the user currently interacting with the application or device is the same one for which the model was created. It also verifies that the user who initiated the session is still the same one who is now doing transactions.

Behavioral adaptive authentication merges both approaches and makes it possible to evaluate risks based on a wide range of parameters (business-defined, contextual, user history, and user behavior). It therefore allows for implementation of an optimized combination of authentication factors including simple and advanced device fingerprinting, device credentials, behavioral biometrics, user secrets, and on-device static biometrics, providing the minimal friction possible at any given risk level.
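
The combined scoring described above can be sketched as follows. This is an added example, not inWebo's code or API: the field names, weights, thresholds and the mapping of score bands to mechanisms are all assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass
class Transaction:
    amount: float           # business-defined parameter
    known_device: bool      # contextual: device fingerprint seen before
    usual_location: bool    # contextual: location matches the user's usual one
    similar_past_txns: int  # user history: comparable earlier transactions
    behavior_match: float   # behavioral score in [0, 1]; 1.0 = matches user model

# Illustrative values (assumptions); a real deployment tunes these per business.
HIGH_AMOUNT = 1000.0
LADDER = [  # (highest risk score accepted, mechanism), least friction first
    (20, "cookie-based identification"),
    (50, "password"),
    (80, "device credential + user secret"),
    (100, "device credential + on-device biometric"),
]

def risk_score(t: Transaction) -> int:
    """Combine the four parameter families into a 0-100 risk score."""
    score = 30 if t.amount >= HIGH_AMOUNT else 5
    score += 0 if t.known_device else 20
    score += 0 if t.usual_location else 15
    score += 0 if t.similar_past_txns >= 3 else 10
    # A behavioral mismatch adds up to 25 points; clamp malformed input.
    match = max(0.0, min(1.0, t.behavior_match))
    score += round((1.0 - match) * 25)
    return min(score, 100)

def required_auth(t: Transaction) -> str:
    """Return the lowest-friction mechanism allowed at this risk level."""
    score = risk_score(t)
    for ceiling, mechanism in LADDER:
        if score <= ceiling:
            return mechanism
    return LADDER[-1][1]

# Constructed sample: the same transaction re-scored within one session.
# Only the behavioral score changes, which is enough to force a step-up.
start = Transaction(1500.0, True, True, 5, behavior_match=1.0)
later = Transaction(1500.0, True, True, 5, behavior_match=0.0)
print(required_auth(start), "->", required_auth(later))
```

Because the behavioral score is re-evaluated continuously, the required mechanism can change mid-session even when the business, contextual and history parameters stay the same.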

AI-based User Model Creation

The behavioral authentication implemented by inWebo combines the power of machine learning, behavioral biometrics, and sensor analytics to provide continuous authentication and fraud detection for mobile and web applications while providing a frictionless experience for the user. Based on academic research and rigorous production-grade testing, the AI engine learns extremely fast and puts the data to work quickly.

Implementation

Adaptive continuous authentication requires 2 components:

Profile data collectors implemented in your application, native or web: the role of this component is to collect behavioral data from the user’s device. It is available as an SDK for mobile applications (iOS, Android, Windows Phone) and also for web applications (JavaScript). As an application developer, you only need to enable the data collector for the relevant interactions.

A scoring engine: this component is fed by the data collectors and by your Identity & Access Management systems. It provides continuously updated scores for ongoing sessions and dynamic decision-making.

How to activate behavioral adaptive authentication with your inWebo service